Compared to existing alternatives, only ProtonDrive comes to mind as something that could work for encrypted cloud backups. Backblaze has a longer history in storage and has a strong track record of keeping data safe. They also do not necessarily hold the private key as stated here:
You have the option with Backblaze to add an additional layer of privacy via a user-selected passphrase. This passphrase will be used to encrypt your private key. This passphrase is your responsibility to remember and safeguard. This is important: if you forget or lose this passphrase there is no way that anyone, including Backblaze, can decrypt, and thus restore, your data.
1 Like
I am going to use Backblaze again soon and I’ll encrypt the data from my side. I dont have to trust them, really.
How did you go about doing that? Running files through Cryptomator and then uploading to Backblaze?
I’m looking for a cloud backup option right now, came to site to see what others recommend in terms of privacy.
I use TrueNAS Scale. There is an option to encrypt files and salt the keys used.
On my laptop, I use rclone (if you’re familiar with it) using their crypt function. Crypt. This automatically encrypt the files before leaving the device. Way convenient than Cryptomator. I also use this on top of S3Drive via browser as a GUI. S3Drive is closed btw.
For Android, I use RSAF, an rclone app for Android, GitHub - chenxiaolong/RSAF: An Android Storage Access Framework document provider for rclone. This lets you “mount” the crypt folder to your files app so you can easily drag and drop files you want to back up via the Files app. Since RSAF is “mounted” that means any app with ability to use SAF will show this encrypted folder, thus making it an encrypted virtual drive. One caveat though is that you need an internet connection to view/backup your encrypted folder.
Another app is Round-Sync, GitHub - newhinton/Round-Sync: An android cloud file manager, powered by rclone. Visit https://roundsync.com for more information!. I forgot if the app has “mount” functionality from limited experience, but I’m pretty sure it only does copy and sync function. And it requires All Files permission while RSAF does not.
Hope this helps.
Got me thinking.
Does it mean that anyone can use any cloud service like Dropbox, onedrive Google drive ect which by default are bad. But use something to encrypt before uploading means that the cloud storage provider is fine to use due to encryption beforehand?
Yes. And Cryptomator is what you should use. It’s free and excellent.
1 Like
Ah yes use that for backing up 2fa seeds and recovery codes locally. Dam useful
1 Like
Yeah. Cryptomator is the only truly private way to get all devices and software to achieve sync including Linux with one of the big tech cloud storage service.
But Ente Auth is great for 2FA. Consider that.
Thank you did consider that. I’m use aegis and backup the export to a folder in cryptomator
Sure. That works too. A little too complicated a set up for me but if it works for you, good.
I used to have a different complicated set ups too but I’ve streamlined my privacy life and tools I use.
Yeah, there is the option for android cloud backup which is encrypted before upload anyhow
There’s also restic which offers e2ee backup on cli (not mobile atm). However, you can back your phone up on your laptop (encrypted) and include that in restic’s backup (encrypted again).